Cyber Insurance is Becoming More Expensive

As technology continues to advance, so do cyber criminal tactics, which threaten companies across the globe with ransomware, hacks, and data breaches on a scale larger and more threatening to business than ever.

Only 3% of global cyber-risk leaders have rated their own company’s cyber security as “excellent,” while 75% of the same respondents reported that their company had experienced at least one cyberattack in the past year. Additionally, a recent report from the CyberEdge Group shows that 71% of organizations were hit by ransomware in 2021, with 63% opting for the ransom payout. With average ransom payouts at about $211,529, this lack of security and protection paired with the high risk of cyberattacks has put companies in a costly situation.

Traditional policies often do not cover or include cybersecurity breaches, hacks, ransomware, or the like. As such, insureds are turning to cyber insurance policies to plug the gap. However, due to increasing claims, cyber insurance companies are raising premiums and being increasingly selective about which organizations they are willing to insure.

Even if a company does manage to secure coverage at a rate they can afford for protection, they aren’t off the hook in terms of building up their own cyber defenses. The company’s risk posture is one of the deciding factors when insurers create cyber insurance policies, and they won’t reimburse a firm for cyber-related incidents if software isn’t updated or they are using an out-of-date patch.

Just like any other type of coverage, cyber insurance is meant to mitigate risk and loss. Policies can vary a great deal, both by carrier and amount of coverage carried. The right amount of coverage can reimburse costs tied to business email compromise, ransomware attacks, phishing attacks, and other social engineering threats for both first and third-party coverage.

In an annual report from The Howden Group, the cyber insurance market is expected to reach $25 billion by 2026. Certainly contributing to that number is the 92% year-over-year increase in cyber insurance premiums collected by the largest U.S. insurance carriers.

Cybersecurity experts expect the trend of increasing premiums to continue, with unpredictable threats only growing. The unpredictability of cyber threats makes it difficult for insurers to accurately evaluate an organization’s IT management and security control maturity, making predicting cost, risk, and coverage even more of a challenge. On the company’s side, that means receiving payouts for claims may become more difficult. Additionally, it may become increasingly difficult for organizations to obtain cyber insurance as underwriting standards become more rigorous and carriers strive to keep their loss ratios as low as possible.

S&P Global Market Intelligence reported that the average cyber insurance loss ratio was nearly 73% in 2021, reflecting a 92.6% increase from 2019. Cyber insurance companies kept just 27 cents of every dollar paid by customers in premiums, compared to 2019 when they earned 52 cents on the dollar.

In order to diminish the likelihood that a company could be deemed ineligible for cyber coverage, they may hire an expert cybersecurity broker to improve their cybersecurity program prior to applying for coverage. Experts such as Limit have insight into cyber insurance underwriting and can advise organizations in tandem with their insurance brokers as they search for the most affordable and comprehensive policy. Limit has also developed a specialized Cyber Marketplace to address the cyber security needs of their clients. The Cyber Marketplace features solutions tailored toward enhancing the client’s security posture, cyber awareness, and protocol. These solutions vary in application and range from specialized Endpoint Protection tools to 24×7 Monitoring and Detection for multiple networks and ecosystems. Most solutions on the marketplace are tailored for small to medium-sized businesses and can be easily set up and managed by one IT professional. Establishing the proper security systems and protocols upfront typically helps control for premium hikes from insurance carriers.    

More from this Author